Data protection laws: processes as the key to compliance

by Sojo Nagaroor

25. January 2024 4 minutes
Datenschutzgesetze Prozesse als Schlussel zur Einhaltung

The New Federal Act on Data Protection (nFADP) came into effect on September 1, 2023, forcing companies to rethink their data processing. SMEs without their own legal department in particular face the major challenge of dealing with the new legislation. This requires a lot of time and resources.

Using the following case study, we will show you how you can better protect yourself with the process collection created by the HES-SO and brix IT Solution.

Easily implement data protection compliance with processes

The company Notebook Buddy uses brix repository to ensure data protection compliance

Notebook Buddy, a company specialized in selling and repairing laptops, is currently focusing on the implementation of the New Federal Act on Data Protection (nFADP). This law entails stricter requirements, which is why Notebook Buddy is reviewing its internal processes to adapt them to the new legal provisions. To achieve this goal, the company has decided to use the process collection carefully compiled by brix and HES-SO.

By using the repository, Notebook Buddy was able to avoid the tedious work of combing through extensive and demanding legal texts while developing clear guidelines for implementing the new data protection law. The processes in the repository emphasize the importance of compliance with the nFADP and the possible consequences of non-compliance.

Notebook Buddy found various processes in the process collection to prepare for the New Federal Act on Data Protection. These included a process for defining responsibilities. This helped Notebook Buddy to identify a person responsible for data protection who would also take care of implementation and coordination. The process recorded in the repository guided the responsible person through the most important steps.

According to the process descriptions, the person responsible for data protection began by identifying the relevant workflows in which personal data is processed. The data was then categorized, and additional security measures were defined for particularly sensitive data.

After identifying the various tasks, Notebook Buddy was able to utilize the checklist provided in the repository to verify compliance with all significant aspects of data protection and devise appropriate measures to address any outstanding issues. In addition, those responsible received information on potential data protection risks and corresponding procedural suggestions for dealing with outstanding issues.

Thanks to the repository, the collections of processes and checklists it contains, Notebook Buddy was able to adapt its data protection compliance to the new provisions of the Federal Act on Data Protection. Although data protection breaches can never be completely ruled out, they now know where they can obtain easily accessible recommendations for action in the event of such an incident. And so, Notebook Buddy can minimize or even prevent possible penalties in the data protection context.

Notebook Buddy not only received practice-oriented recommendations for action, but was also able to save considerable resources and costs by using the repository created by brix and the HES-SO to offer its customers a secure and data protection-compliant service.

Would you also like to simplify the implementation of the nFADP and minimize risks?

Get more security with the process collection

Related topics


Get better privacy compliance in a few steps

27. June 2023

Improve data protection compliance - Learn how to protect your data and comply with policies in just a few steps.

Privacy Compliance 700 x 300 px

Effective recommendations for action to increase privacy compliance

10. August 2023

The protection of personal data is becoming increasingly important in the digital world. With the new Federal Act on Data Protection (nFADP) coming into force on September 1, companies are faced with the task of adapting to the new regulations to avoid fines. In this article, we present practical recommendations for action to improve your privacy compliance.

Datenschutz 700 x 300 px

Improving privacy compliance through optimized process flows

27. July 2023

Today, with data privacy and security playing an increasingly important role, it is crucial for companies to ensure privacy compliance. Here you can learn how processes can help to improve this sustainably.